Active directory designing

Discussion in 'Active Directory' started by Samin, May 10, 2004.

  1. Samin

    Samin Guest

    I am designing a active directory for a compamy which have 26 locations and linked with the head quater (HQ) with T1 link. Company have a currently PDC on head quater one BDc on each location (total 26 BDc) . There is a no direct link between each location, all the location are linked only with HQ so locations they do communication with each other through HQ
    Total user account in this are between 700 to 750

    If some can confirme my designing with only single forest , single domaine, single site with two 2 dc in HQ

    Thanks
     
    Samin, May 10, 2004
    #1
    1. Advertisements

  2. Samin

    eddiec Guest

    single forest is OK as you do not require any service or data isolation

    single domain is OK if you do not require any service or data autonomy

    If you are unable to place DC's in seperate locations due to lack of
    security / IT personel then you would include the site in the main office
    site. You would have to have reliable WAN links as if the WAN link fails
    users in the branch offices will not be able to authenticate. Also you would
    have to have sufficient bandwidth to support authentication and name
    resolution traffic.

    If any of the above are not true then you would want to look at placing a DC
    in any location that is capable of housing / supporting one. You would
    create a seperate site for this office so that you can control intersite
    replication.

    eddiec :)

    and linked with the head quater (HQ) with T1 link. Company have a currently
    PDC on head quater one BDc on each location (total 26 BDc) . There is a no
    direct link between each location, all the location are linked only with HQ
    so locations they do communication with each other through HQ.
    domaine, single site with two 2 dc in HQ .
     
    eddiec, May 10, 2004
    #2
    1. Advertisements

  3. Samin

    samin Guest

    thank you esdiec for your comments. I agree with you a to put a DC on other branch but the branches are connected only with HQ not with each other. If you have any idea how to controle auentification traffice and keep user working even they are disconnected from HQ.
     
    samin, May 10, 2004
    #3
  4. samin says...
    Hi Samin,

    if you need to put a DC in each of the branches (and make them a
    different site) is only dependant if you want the users there to be
    able to log on if the WAN-Link is not available. You'll have to make
    that DC also a GC, which is no issue at all since it holds all required
    informations anyway when we talk about one domain.

    To configure replication you need to create subnets, assign them to
    sites, and create site links between the sites. You don't have to worry
    about the replication links, let the Intersite Topology Gernerator do
    it's work - it will adjust automatically.
    In your case, configure the physical subnetzs you have, create one main
    site and one for each brach office, assign the approbiate subnets to
    that site, and create one sitelink for each branch office which
    connects just that site with the main office. This assures that each DC
    in the branch office will replicate with the main office and not with
    each other. However if you leave the automatic site bridging per
    default then the DCs in the branch office will start to replicate which
    each other just when the DCs in the main office are not available.

    HTH
     
    Ulf B. Simon-Weidner [MVP], May 10, 2004
    #4
  5. Samin

    samin Guest

    Thanks Simon
    Do you think it is good idea to put 27 dc in a domian with 700 users ??
     
    samin, May 10, 2004
    #5
  6. A single DC could easily cope with more then 700 users.
    Since you require authentication in the event of a WAN failure to the head
    office - you are forced to put at least one DC at each branch so you will
    have at least 27 DCs.
    Can you be more specific in your question ?

    --
    Regards,

    Mike
    --
    Mike Brannigan [Microsoft]

    This posting is provided "AS IS" with no warranties, and confers no
    rights

    Please note I cannot respond to e-mailed questions, please use these
    newsgroups
     
    Mike Brannigan [MSFT], May 10, 2004
    #6
  7. Samin

    eddiec Guest

    you could use cached credentials for logons


    other branch but the branches are connected only with HQ not with each
    other. If you have any idea how to controle auentification traffice and
    keep user working even they are disconnected from HQ.
     
    eddiec, May 11, 2004
    #7
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.